The Supreme Court ruled that the police violated the 4th amendment (protection against unreasonable searches and seizures) when police used GPS tracking on a narcotics-operative’s vehicle (planted there without his knowledge) to convict the man. His conviction was overturned because there was no valid warrant for the tracker.

It seems that the Court will ‘figure out later’ if traffic surveillance/cameras similarly violate the 4th amendment. For now, they appear to have put that off and are focusing on the violation to purposeful individual tracking.

I’m sure this means something to context aware and rich interactive mobile computing – e.g. there could be ramifications later in terms of privacy violations, even if the tracking is not driven by the desire/need to track one individual but if an individual’s movements are tracked as part of crowd surveillance.

Here’s a provocative excerpt from the WSJ article on this subject:

“With such rapidly advancing technology, the Scalia approach left open “particularly vexing problems,” Justice Alito wrote, particularly when police don’t have to physically touch a vehicle to conduct surveillance. He mentioned automatic toll-collection systems and smart-phones that continuously track their own location as examples.”

My Gartner colleagues are correct in pointing out that legally, this decision only impacts law enforcement searches and investigations and has no bearing on the private sector.

But I can’t help but think that the lines are blurred between what the cops can do and what private industry and advertisers can do, at least in end-user and consumer minds.

It would make it a whole lot easier if private sector service providers enabled consumers to ‘opt-in’ to location and – similarly – device tracking. That would certainly avoid a lot of unnecessary busy work as vendors and service providers work around ‘tagging’ customer endpoints.

For example, with iOS 5, Apple is discontinuing enabling Apple iPhone tracking through their hardware ID, the UDID and now all these workarounds are being developed and implemented, even presumably by Apple (for iTunes) itself. The discontinuance of enabling UDID tracking was reportedly, Apple’s response to accusations of privacy intrusive practices.

User opt-in (or specific granting of permissions to be tracked) is the way to go and should be a standard across applications. Of course, when it comes to preventing fraudulent and ‘bad’ activities, service providers like banks can do pretty much anything they need to do to protect customer accounts and bank assets. (The fraud teams have a lot more customer data than the marketing teams as a result).

We can’t expect criminals to ‘opt-in’ to being tracked. So essentially, universal policies of opt-in will give companies a white list of presumably ‘good’ end users (some fraudsters will opt in to trick applications), and who ever doesn’t opt in will still get tracked, but only for security and fraud prevention purposes. And that definition – i.e. ‘security and fraud purposes’ — will certainly be open to interpretation as it is now.

In any event, my takeaway from all this is that transparency of tracking is a good thing for good people. Ask them if they want to be tracked and they will likely say OK, according to a recent Gartner survey. And let the courts figure out what’s OK for the bad guys. For now, it looks like their privacy needs to be respected too.

Category:

Avivah Litan
VP Distinguished Analyst 12 years at Gartner 30 years IT industry

Avivah Litan is a Vice President and Distinguished Analyst in Gartner Research. Her area of expertise includes financial fraud, authentication, access management, identity proofing, identity theft, fraud detection and prevention applications…Read Full Bio

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.